Network management means planning, designing, and controlling network resources and network equipment so that the network maintains high reliability and maximum efficiency.
The concept of network management was introduced gradually as the Internet developed. In the early days, the Internet had few access nodes and a simple, mostly flat structure, so management tasks such as fault detection and performance monitoring were simple and easy. As network technology has continued to develop, the scale of networks has kept expanding, their functional complexity has kept increasing, and heterogeneous networks have gradually been merged, so that network management has become more and more difficult.
The conventional network management system generally adopts a centralized management model, in which the management function is concentrated in a manager at the management station. The manager uses the Simple Network Management Protocol (SNMP) to communicate with an agent in the managed equipment, acquires management information from the agent for processing, and then sends management operation instructions to carry out management of the managed equipment. For example, the Internet Engineering Task Force (IETF) proposed an SNMP-based manager/agent model in 1988. Such a centralized management model has the following defects.
1. The centralized management model is mainly applicable to the management of data networks, and only to small networks with a simple structure or to applications that do not access the management information frequently.
2. As the scale of the network expands and the number of users keeps increasing, the management of nodes gradually becomes a bottleneck of the network management system.
3. Too many polling operations are performed, widely distributed agents require a large bandwidth overhead, and the management information the manager obtains from each agent is raw data. Transmitting a great deal of raw data wastes bandwidth and consumes valuable CPU resources of the manager, so the efficiency of network management is rather low.
The network management system based on the Common Management Information Protocol (CMIP) is much more complicated than the SNMP-based one; it also adopts the centralized management model and is mainly applicable to telecommunication network management.
Currently, network management is developing rapidly towards distributed and intelligent distributed network management. Distributed network management divides the management of a large-scale network into several peer management sub-domains; each domain is managed by one manager, and the managers communicate with each other. When information from another domain is required, the manager communicates with the corresponding peer system. Because distributed network management spreads the management tasks and monitoring function over the whole network without relying on a single control center, the network management traffic may be reduced, providing powerful management capability and extensibility.
The development of distributed network management is mainly proceeding in two directions. One direction is to design an open, standard, and extensible large-scale distributed network management system using a distributed computing tool within the current network management framework; this mainly includes distributed network management systems based on the Common Object Request Broker Architecture (CORBA) and Web-based distributed network management systems, and has the advantage of being easy to realize. The other direction is a novel network management based on a distributed architecture, for example, a mobile-agent-based network management system.
However, the current centralized network management system and the distributed network management system both have the following security problems.
1. The host where the agent resides may attack the agent, and the current detection-based methods cannot ensure the security of the agent.
2. The agent may attack the host where it resides, for example by illegally accessing private information of that host, and currently only passive defenses such as intrusion detection can be adopted to prevent such attacks.
3. The network management user relies completely on the manager system, so a security risk exists. If the manager system is controlled by a virus or Trojan horse, it no longer operates according to the wishes of the network management user, who thereby loses control and management of the network.
4. The managed host also relies completely on the manager system, so a security risk exists there as well. If the managed host does not detect whether the manager system has been compromised by a virus or Trojan horse, then once the agent residing on the managed host receives a malicious management command, the agent performs a malicious operation on the managed host.
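The trust gap in problems 3 and 4 above, as an added illustration that is not part of the original text: a toy agent that authenticates manager commands with an HMAC (as SNMPv3 does) still executes a malicious command when the manager itself is compromised, because the command is genuine; only a policy check local to the managed host catches it. The shared key, the allow-list, and the command format are constructed for the example.

```python
import hmac
import hashlib
import json

# Constructed shared secret between manager and agent (placeholder value).
SHARED_KEY = b"example-manager-agent-key"

# Assumed local policy of the managed host: management may only write these objects.
WRITABLE_OBJECTS = {"sysContact", "sysLocation", "ifAdminStatus"}


def sign_command(command: dict, key: bytes = SHARED_KEY) -> dict:
    """Manager side: attach an HMAC-SHA256 tag so the agent can check origin and integrity."""
    body = json.dumps(command, sort_keys=True).encode()
    return {"body": command, "tag": hmac.new(key, body, hashlib.sha256).hexdigest()}


def agent_handle(message: dict, key: bytes = SHARED_KEY) -> str:
    """Agent side: return the action taken for a received management message."""
    body = json.dumps(message["body"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    # Check 1: does the command really come from the manager, unmodified in transit?
    if not hmac.compare_digest(expected, message["tag"]):
        return "rejected: bad authentication tag"
    cmd = message["body"]
    # Check 2 (problem 4): an authentic command can still be malicious if the manager
    # is compromised, so the agent applies its own policy instead of trusting blindly.
    if cmd["op"] == "set" and cmd["object"] not in WRITABLE_OBJECTS:
        return "rejected by local policy: set " + cmd["object"]
    return "executed: " + cmd["op"] + " " + cmd["object"]


def demo() -> list:
    """Three constructed messages: legitimate, forged by a third party, and from a compromised manager."""
    legit = sign_command({"op": "set", "object": "sysContact", "value": "noc@example"})
    forged = sign_command({"op": "set", "object": "sysContact", "value": "attacker"})
    forged["tag"] = "0" * 64  # third party without the key cannot produce a valid tag
    # A compromised manager holds the real key, so this command authenticates correctly.
    compromised = sign_command({"op": "set", "object": "userPassword", "value": "x"})
    return [agent_handle(m) for m in (legit, forged, compromised)]


if __name__ == "__main__":
    for line in demo():
        print(line)
```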